Powerful Sandbox Escape for iOS 12.0-12.1 Released

2018-12-05394Posted by 3uTools

While there’s no official confirmation of any individual or team of people working on a public iOS 12 jailbreak, it seems that we could be one step closer as of Tuesday.

Citing a post published on /r/jailbreak, it appears that a powerful sandbox escape impacting iOS 12.0-12.1 has been released to the internet, fueling speculation that a public jailbreak tool could be crafted in the future with support for Apple’s latest and greatest mobile operating system.

Intriguingly, one of the first responses to the post was unc0ver developer and iOS hacker Pwn20wnd himself, denoting his interest in seeing whether the iOS 12-centric sandbox escape might work on iOS 11.4.1 or not. Pwn20wnd also replied to an avid jailbreaker that expressed interest in iOS 12 support being added to unc0ver, responding with “don’t get hyped up for now.”

As it would seem, this particular sandbox escape might be compatible with the Pangu Team’s IOHID vulnerability for iOS 12.0.x. That said, it could potentially aid in producing an iOS 12 jailbreak down the road; but as Pwn20wnd expressed, that’s not to say something will materialize anytime soon.

Given the circumstances, we wouldn’t recommend upgrading to iOS 12 if you’re already happily jailbroken on iOS 11. If you’re not jailbroken at all and are waiting to jailbreak, then it’s important to stay on the lowest firmware possible.

Building a jailbreak requires more than a single sandbox escape or exploit; jailbreak tools frequently call for numerous exploits and an individual willing to dedicate time and resources into building a dedicated jailbreak tool. So while no one appears to be working on a public iOS 12 jailbreak at the moment, it’s at least comforting to see a vital puzzle piece fall into the jailbreak community’s lap.

Notably, security firm KeenLab demonstrated how it’s indeed possible to jailbreak iOS 12, but their jailbreak was never released to the public and was kept internally for testing purposes instead.

It should be interesting to see whether this sandbox escape contributes to anything special in the future, but like most things of this nature, it’s best to take it with a grain of salt.